Massive Reach, Agile Tactics: Inside LuminousMoth’s Southeast Asia Cyber Spree

LuminousMoth, an advanced persistent threat (APT) group linked to the HoneyMyte (Mustang Panda) cluster, has distinguished itself through large-scale, targeted cyber-espionage campaigns across Southeast Asia. Unlike many APT actors that favor surgical precision, LuminousMoth has demonstrated a willingness to conduct sweeping attacks, adapting its tactics and infection chains to maximize reach. A key element of LuminousMoth’s toolkit is its strategic use of Living Off the Land Binaries (LOLBins) with mavinject.exe being a notable example in their toolkit.